OUD (Oracle Unified Directory) / LDAP Retiring

What is changing

For the past several years, ITC has been working to standardize on a single enterprise LDAP directory - Microsoft Active Directory. This will save on licensing and hardware costs, and eliminate the complexity of maintaining two directories with identical data. This process is reaching completion, and the OUD LDAP directory (ldap.dartmouth.edu) will be retired over the course of July and August 2022, after which it will no longer be available.

 

How will this affect me, and what are my options?

If you have any applications or services that are currently talking to ldap.dartmouth.edu, please start migrating them to use Active Directory (kiewit.dartmouth.edu) on or before August 26th, 2022.

AD has all the same users and attributes that were present in ldap.dartmouth.edu, but there are a few differences in how you access it (in order to provide better security):

- No anonymous queries: you must authenticate with AD to run a query.

- No access from the public internet: you must be on the Dartmouth network (physical or VPN) to connect to AD.

If you have any questions or need additional information on reconfiguring your application, reach out to us via the Slack channel (#oud_ldap) or email dartidm@list.dartmouth.edu.

Configuration for migrating from OUD (ldap.dartmouth.edu) to Active Directory

To switch from querying OUD (ldap.dartmouth.edu) to Active Directory (kiewit.dartmouth.edu), a few changes are necessary.

The details of how to configure these settings will vary depending on what application you're using, but the basics are:

LDAP configuration for querying Active Directory

Hostname: kiewit.dartmouth.edu
Port: 636
Username: SOME-NETID@kiewit.dartmouth.edu
Password: SOME-NETID-PASSWORD
Search Base: dc=kiewit,dc=dartmouth,dc=edu

Active Directory contains all the same data present in OUD, but some attributes are named differently between the two directories. In particular, the netid is named "uid" in OUD and "samaccountname" in AD, so if you are looking up a netid, you need to query a different attribute.

Also please note:

  • Authentication is required (no anonymous searches)
  • AD is accessible only from the Dartmouth network (on-campus or VPN)
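
The settings above as a Python sketch, added here as an example and not ITC's own code: it binds over LDAPS (port 636) with certificate validation, looks up a netid by samaccountname with the value escaped, and renames uid in existing OUD filter strings. The third-party ldap3 package and all function names are assumptions.

```python
import re
import ssl

# Connection values from the configuration list above.
AD_HOST = "kiewit.dartmouth.edu"
AD_PORT = 636
AD_BASE = "dc=kiewit,dc=dartmouth,dc=edu"

# OUD attribute -> AD attribute. Only the rename named in this article is listed.
ATTR_MAP = {"uid": "samaccountname"}

# RFC 4515 characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_value(value):
    """Escape a value so user-supplied input cannot change the filter's structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def netid_filter(netid):
    """Build the AD filter for a netid lookup."""
    return "(samaccountname=%s)" % escape_value(netid)


def rewrite_filter(oud_filter):
    """Rename OUD attributes in an existing filter string; values are left as-is."""
    def swap(match):
        attr, op = match.group(1), match.group(2)
        return "(" + ATTR_MAP.get(attr.lower(), attr) + op
    return re.sub(r"\(([A-Za-z][A-Za-z0-9;-]*)(=|~=|>=|<=)", swap, oud_filter)


def lookup_netid(netid, bind_netid, password):
    """Authenticated LDAPS search; needs ldap3 and a Dartmouth network connection."""
    from ldap3 import Connection, Server, Tls  # third-party package (assumption)
    server = Server(AD_HOST, port=AD_PORT, use_ssl=True,
                    tls=Tls(validate=ssl.CERT_REQUIRED))  # verify the server cert
    conn = Connection(server, user="%s@%s" % (bind_netid, AD_HOST),
                      password=password, auto_bind=True)  # no anonymous bind
    try:
        conn.search(AD_BASE, netid_filter(netid), attributes=["samaccountname"])
        return [entry.entry_dn for entry in conn.entries]
    finally:
        conn.unbind()
```

lookup_netid returns the distinguished names of matching entries; read the bind password from a secret store or prompt rather than hard-coding it in the application.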

Retiring Timeline

OUD servers will be retired on these dates: July 7th, August 19th, and August 26th, 2022.

Details

Article ID: 141500
Created: Thu 2/17/22 10:53 AM
Modified: Wed 6/29/22 3:13 PM